Lucene search
K

84 matches found

Vulnrichment
Vulnrichment
added 2026/01/28 5:30 a.m.3 views

CVE-2026-1083 Appointment Hour Booking – Booking Calendar <= 1.5.60 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Min/Max Length' Field Configuration

The Appointment Hour Booking – Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form field configuration parameters in all versions up to, and including, 1.5.60 due to insufficient input sanitization and output escaping on the 'Min length/characters' and 'Max...

4.4CVSS5.9AI score0.00262EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/28 5:30 a.m.4 views

EUVD-2026-4866

The Appointment Hour Booking – Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form field configuration parameters in all versions up to, and including, 1.5.60 due to insufficient input sanitization and output escaping on the 'Min length/characters' and 'Max...

4.4CVSS5.9AI score0.00262EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/01/28 1:33 a.m.8 views

WordPress Appointment Hour Booking plugin <= 1.5.60 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Min/Max Length' Field Configuration vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via 'Min/Max Length' Field Configuration vulnerability discovered by ALockWooD in WordPress Plugin Appointment Hour Booking versions = 1.5.60...

4.4CVSS5.9AI score0.00262EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/01/28 12:0 a.m.5 views

WordPress plugin Appointment Hour Booking: Cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.4CVSS5.7AI score0.00262EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-4962

Malware in sbrugna...

6.1CVSS6.2AI score0.01376EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-11624

Malware in sbrugna...

5.4CVSS5.4AI score0.00604EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51415

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00436EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-44877

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00494EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-49940

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00358EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-30507

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00351EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.7 views

CVE-2023-45649

Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Hour Booking: from n/a through = 1.4.23...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:38 p.m.10 views

CVE-2022-4034

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated attackers to embed untrusted input into content during booking creation that may be exported as a CSV file when a site's...

7.8CVSS7.4AI score0.00614EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.6 views

CVE-2021-24673

The Appointment Hour Booking WordPress plugin before 1.3.16 does not escape some of the Calendar Form settings, allowing high privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.7AI score0.00598EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:19 a.m.13 views

CVE-2019-13505

The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email1...

6.1CVSS5.9AI score0.01376EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:16 p.m.12 views

CVE-2022-4035

The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including, 1.3.72 due to insufficient input sanitization and output escaping that makes injecting iFrame tags possible. This makes it possible for...

7.2CVSS7.1AI score0.00687EPSS
Exploits1References1
NVD
NVD
added 2025/01/02 12:15 p.m.10 views

CVE-2023-45649

Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Hour Booking: from n/a through = 1.4.23...

5.3CVSS0.00358EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/02 11:59 a.m.8 views

CVE-2023-45649 WordPress Appointment Hour Booking plugin <= 1.4.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Hour Booking: from n/a through = 1.4.23...

5.3CVSS5.8AI score0.00358EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/02 11:59 a.m.20 views

CVE-2023-45649 WordPress Appointment Hour Booking plugin <= 1.4.23 - Broken Access Control vulnerability

Missing Authorization vulnerability in codepeople Appointment Hour Booking appointment-hour-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Hour Booking: from n/a through = 1.4.23...

5.3CVSS0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.5 views

WordPress plugin Appointment Hour Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.7AI score0.00358EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/02 12:0 a.m.6 views

PT-2025-1494 · Codepeople · Codepeople Appointment Hour Booking

Name of the Vulnerable Software and Affected Versions: CodePeople Appointment Hour Booking versions prior to 1.4.23 Description: The issue is related to a missing authorization vulnerability in CodePeople Appointment Hour Booking, which allows the exploitation of incorrectly configured access...

5.3CVSS7.2AI score0.00358EPSS
Exploits0References4
Rows per page
Query Builder